Governance Risk and Compliance Committee Terms of Reference

2019

The current membership of the GRC Committee is listed on the Who Are We? page.

Approved by Board on 23rd October 2019.

Authority

  • The Governance Risk & Compliance Committee (GRCC) was established to assist the Board of Directors (Board) in fulfilling its governance responsibilities, by monitoring and reviewing An Taisce’s governance, risk and compliance management systems.
  • GRCC aims to help An Taisce achieve and maintain compliance with the Charities Governance Code.
  • GRCC is directly responsible to the Board.
  • GRCC does not replace or replicate established management responsibilities and delegations, the responsibilities of other executive management groups within An Taisce, or the reporting lines and responsibilities of either internal audit or external audit functions.
  • GRCC is only authorised to make recommendations to the Board and does not have the power to make decisions for the organisation in its own right.
  • GRCC has the power to conduct or authorise investigations into any matters within its scope or as requested by the Board.
  • GRCC is entitled to unrestricted access to management, employees, representatives, committees, records and other information it considers relevant to its function.
  • GRCC does not have it’s own budget or bank account.
  • GRCC is empowered to retain independent advice, advisors or other professionals to assist in discharging its responsibilities.
  • GRCC has the authority to conduct its own business without involving An Taisce’s Board.
  • An Taisce will pay the reasonable costs incurred by the Committee in doing so, as well as all administrative costs incurred in carrying out its duties. However, GRCC must not bind An Taisce to any obligations, financial or operational, without prior approval by the Board.

Scope

GRCC’s role is to assist the Board in exercising oversight over An Taisce’s governance, risk and compliance objectives. In performing this role, GRCC’s responsibilities include, but are not limited to the matters listed below.

Governance

GRCC will:

  • Review and monitor An Taisce’s Delegations of Authority and key policies;
  • Review and input to An Taisce’s governance framework and organisational design;
  • Review and input to the policies and procedures designed to ensure compliance and to ensure ongoing transparency;
  • Review management reports on the state of governance within An Taisce;
  • Authorise and oversee special projects or investigations into any matter within the GRCC’s charter or as may be requested from time to time by the Board;
  • Review An Taisce’s sustainability and corporate social responsibility frameworks and related processes;
  • Monitor adherence to policies and initiate investigation to alleged policy breaches.

Risk

GRCC will:

  • Review disclosures in the annual report and management letter in relation to the recognition and management of material risks;
  • Review the adequacy and effectiveness of controls responding to risks;
  • Review An Taisce’s risk appetite on an annual basis;
  • Review An Taisce’s risk profile and its ongoing and potential exposure to emerging risks;
  • Review An Taisce’s risk management frameworks based on evolving standards;
  • Review management systems and loss prevention and control measures directed at managing the potential for loss or damage to An Taisce;
  • Review An Taisce’s fraud and corruption control practices and related material risk exposures;
  • Review and monitor An Taisce’s safety management practices;
  • Review insurance and other risk transfer arrangements;
  • Review business continuity processes and management;
  • Review and monitor the organisational culture;
  • Maintain a risk register.

Compliance

GRCC will:

  • Monitor the effectiveness of An Taisce’s policies, procedures, frameworks and practices that relate to compliance with laws, regulations, policies and standards;
  • Monitor the impact of changes in key laws, regulations and industry standards affecting An Taisce’s operations;
  • Review An Taisce’s compliance management framework and monitor the fulfilment of An Taisce’s obligations and commitments to:
  • Charities Regulator
  • Office of the Revenue Commissioners
  • Companies Registration Office
  • Health & Safety Authority
  • Data Protection Commission
  • Office of the Director of Corporate Enforcement
  • Workplace Relations Commission
  • Lobbying Register
  • Register of Beneficial Ownership
  • EU TRansparency Register

Membership

  • GRCC Members (Member(s)) and Chairperson are appointed by the Board.
  • Members need to be active and add value to the GRCC in order to retain their position.
  • Members must also be members of An Taisce.
  • The Board must ensure the GRCC is adequately resourced as follows:
  • All Members must be versed in governance, risk and compliance management principles and standards.
  • At least one Member must have experience in governance, risk and compliance in the charity, not for profit or NGO sectors.
  • At least one Member has deep, broad institutional knowledge.

Meetings

  • GRCC meets normally monthly, independently of the regular Board meeting, or as needed.
  • Meetings last for a maximum of two hours.
  • Meetings are for discussion, rather than transmitting information. To this end, any documents are submitted for pre-read well in advance of the meeting.
  • Meetings start on time, once two people are present.

Reporting

GRCC reports to the Board at each Board meeting via the GRCC Chair.